webrtc-sdk · cloudwebrtc · Mar 9, 2026 · Mar 9, 2026 · Mar 16, 2026 · Mar 16, 2026
diff --git a/BUILD.gn b/BUILD.gn
@@ -73,6 +73,7 @@ rtc_shared_library("libwebrtc") {
     "include/rtc_audio_source.h",
     "include/rtc_audio_track.h",
     "include/rtc_data_channel.h",
+    "include/rtc_data_packet_cryptor.h",
     "include/rtc_dtls_transport.h",
     "include/rtc_dtmf_sender.h",
     "include/rtc_frame_cryptor.h",
@@ -115,6 +116,8 @@ rtc_shared_library("libwebrtc") {
     "src/rtc_audio_source_impl.h",
     "src/rtc_audio_track_impl.cc",
     "src/rtc_audio_track_impl.h",
+    "src/rtc_data_packet_cryptor_impl.cc",
+    "src/rtc_data_packet_cryptor_impl.h",
     "src/rtc_data_channel_impl.cc",
     "src/rtc_data_channel_impl.h",
     "src/rtc_dtls_transport_impl.cc",

diff --git a/include/base/fixed_size_function.h b/include/base/fixed_size_function.h
@@ -7,6 +7,7 @@
 #ifndef FIXED_SIZE_FUNCTION_HPP_INCLUDED
 #define FIXED_SIZE_FUNCTION_HPP_INCLUDED
 
+#include <cstddef>
 #include <functional>
 #include <stdexcept>
 #include <tuple>

diff --git a/include/base/portable.h b/include/base/portable.h
@@ -15,6 +15,7 @@
 #include <cstring>
 #include <map>
 #include <string>
+#include <type_traits>
 #include <vector>
 
 /**

diff --git a/include/rtc_data_packet_cryptor.h b/include/rtc_data_packet_cryptor.h
@@ -0,0 +1,38 @@
+#ifndef LIB_RTC_DATA_PACKET_CRYPTOR_H_
+#define LIB_RTC_DATA_PACKET_CRYPTOR_H_
+
+#include "base/refcount.h"
+#include "rtc_frame_cryptor.h"
+#include "rtc_types.h"
+
+namespace libwebrtc {
+
+class EncryptedPacket : public RefCountInterface {
+ public:
+  LIB_WEBRTC_API static scoped_refptr<EncryptedPacket> Create(
+      vector<uint8_t> data, vector<uint8_t> iv, uint8_t key_index);
+  virtual vector<uint8_t> data() = 0;
+  virtual vector<uint8_t> iv() = 0;
+  virtual uint8_t key_index() = 0;
+};
+
+class RTCDataPacketCryptor : public RefCountInterface {
+ public:
+  LIB_WEBRTC_API static scoped_refptr<RTCDataPacketCryptor> Create(
+      scoped_refptr<KeyProvider> key_provider, FrameCryptorAlgorithm algorithm);
+
+  virtual scoped_refptr<EncryptedPacket> encrypt(string participant_id,
+                                                 int key_index,
+                                                 vector<uint8_t> data) = 0;
+
+  virtual vector<uint8_t> decrypt(
+      string participant_id, int key_index,
+      scoped_refptr<EncryptedPacket> encrypted_packet) = 0;
+
+ protected:
+  virtual ~RTCDataPacketCryptor() {}
+};
+
+}  // namespace libwebrtc
+
+#endif  // LIB_RTC_DATA_PACKET_CRYPTOR_H_
diff --git a/include/rtc_frame_cryptor.h b/include/rtc_frame_cryptor.h
@@ -9,11 +9,16 @@
 
 namespace libwebrtc {
 
-enum class Algorithm {
+enum class FrameCryptorAlgorithm {
   kAesGcm = 0,
   kAesCbc,
 };
 
+enum class KeyDerivationAlgorithm {
+  kPBKDF2 = 0,
+  kHKDF,
+};
+
 #define DEFAULT_KEYRING_SIZE 16
 #define MAX_KEYRING_SIZE 255
 
@@ -26,19 +31,23 @@ struct KeyProviderOptions {
   // The size of the key ring. between 1 and 255.
   int key_ring_size;
   bool discard_frame_when_cryptor_not_ready;
+  KeyDerivationAlgorithm key_derivation_algorithm;
   KeyProviderOptions()
       : shared_key(false),
         ratchet_salt(vector<uint8_t>()),
         ratchet_window_size(0),
         failure_tolerance(-1),
         key_ring_size(DEFAULT_KEYRING_SIZE),
-        discard_frame_when_cryptor_not_ready(false) {}
+        discard_frame_when_cryptor_not_ready(false),
+        key_derivation_algorithm(KeyDerivationAlgorithm::kPBKDF2) {}
   KeyProviderOptions(KeyProviderOptions& copy)
       : shared_key(copy.shared_key),
         ratchet_salt(copy.ratchet_salt),
         ratchet_window_size(copy.ratchet_window_size),
         failure_tolerance(copy.failure_tolerance),
-        key_ring_size(copy.key_ring_size) {}
+        key_ring_size(copy.key_ring_size),
+        discard_frame_when_cryptor_not_ready(copy.discard_frame_when_cryptor_not_ready),
+        key_derivation_algorithm(copy.key_derivation_algorithm) {}
 };
 
 /// Shared secret key for frame encryption.
@@ -122,15 +131,15 @@ class FrameCryptorFactory {
   frameCryptorFromRtpSender(scoped_refptr<RTCPeerConnectionFactory> factory,
                             const string participant_id,
                             scoped_refptr<RTCRtpSender> sender,
-                            Algorithm algorithm,
+                            FrameCryptorAlgorithm algorithm,
                             scoped_refptr<KeyProvider> key_provider);
 
   /// Create a frame cyrptor for [RTCRtpReceiver].
   LIB_WEBRTC_API static scoped_refptr<RTCFrameCryptor>
   frameCryptorFromRtpReceiver(scoped_refptr<RTCPeerConnectionFactory> factory,
                               const string participant_id,
                               scoped_refptr<RTCRtpReceiver> receiver,
-                              Algorithm algorithm,
+                              FrameCryptorAlgorithm algorithm,
                               scoped_refptr<KeyProvider> key_provider);
 };
 

diff --git a/include/rtc_rtp_parameters.h b/include/rtc_rtp_parameters.h
@@ -45,6 +45,7 @@ enum class RTCDegradationPreference {
   MAINTAIN_FRAMERATE,
   MAINTAIN_RESOLUTION,
   BALANCED,
+  MAINTAIN_FRAMERATE_AND_RESOLUTION,
 };
 
 class RTCRtcpFeedback : public RefCountInterface {